Attacks carried out through the Internet against computer applications and equipment are increasing in frequency and sophistication. Although these attacks have often targeted web applications, they are increasingly focused on devices of the Internet of Things (IoT) revolution. The Internet of Things is the growing network of physical objects, devices, or ‘things’ embedded with electronics, software, sensors, and network connectivity, enabling data exchange and tracking. Emerging Internet of Things ecosystems rely upon valid streams of data to support analyses and decisions regarding a multitude of devices. Data streams may become invalid or inaccurate due to faulty sensors, misconfigured edge nodes, and malicious attack vectors.
Tools are presently available to detect and defend against attacks that are carried out through the Internet against HTML interface web applications. In contrast, IoT devices and applications, and the web services and application programming interfaces (APIs) they rely upon, suffer from immature technologies and methods for protection from such attacks. Because these devices interact with humans in a tangible manner, compromised security presents a much greater potential risk for enterprises and individuals than existing web applications. To effectively protect those that benefit from an IoT device or service, both the source of the data and the data stream should be evaluated for risk.
At present, there are no integrated solutions to provide a systematic method to score and manage risk associated with data in an IoT context. Statistical methods and analyses may be used to clean data, but such methods often rely on a statistical distribution of the data, instead of focusing on the data itself.
Accordingly, there is a need in the marketplace for a data risk assessment solution capable of proactively determining the risk of a data stream in an IoT environment or similar context. The present disclosure describes a data risk monitoring service capable of providing such a service. The present disclosure also applies risk assessment methods to data streams and transactions to provide valuable security for modern communications, such as, for example, app-to-app communications. This distinctive solution may be extended to applications, databases, storage, etc. Embodiments of the present disclosure may address the above problems, and other problems, individually and collectively.